This is how the “cyberspy industry” that harasses activists and journalists works

The cyber espionage industry claims that it only acts against criminals and terrorists, but it is not true. As forensic investigators or the very digital services where they hunt their victims have revealed, their attacks are often directed against activists, journalists, politicians or dissidents from authoritarian regimes. It has happened for years, but it has not been until very recently that the voices that denounce that this activity is illegal and must stop have been raised.

The first company to act was Facebook. He did so in 2019 through WhatsApp, which brought NSO, an Israeli company that had dedicated itself to hacking the messaging app to spy on its targets, to court. Apple did the same this November when it found that its phones, computers and watches had also been hacked.

NSO is the best known company in this industry. Its spy virus, Pegasus, has been used against members of civil society around the world, such as on the phones of Catalan pro-independence politicians. But “NSO is only one piece of a much broader global ecosystem of cybermercenaries,” warns Facebook, which this week published a report that uncovers the practices of the digital espionage industry and points to several companies.

“These companies are part of a growing industry that provides hacking tools and surveillance services indiscriminately to any client, regardless of who they are directed against or the human rights abuses they may unleash,” the signed report highlights. by the three main security officers of the social media corporation.

“Their targeting is really indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opponents and human rights activists,” Facebook emphasizes. “What’s more, the use of these hacking services makes it difficult to see who each end customer may be, what is collected and how the information is used against vulnerable groups.”

One of the seven companies that Facebook points to is Black Cube, founded in Israel but based in Spain. Its offices are in the financial district of the capital, in the Torre Europa, in front of the Paseo de la Castellana. It is made up of former Mossad agents and has been linked to the harassment of Harvey Weinstein victims or industrial espionage against the construction company ACS.

Facebook accuses him of creating 300 false accounts to hack users of its networks, with identities adapted for each objective. They pretended to be students, NGO workers, human rights activists, or film or television producers. They tried to trick their victims into finding out their email or phone number, “probably for later phishing attacks.”

“Our investigation uncovered a wide range of clients, including individuals, companies and law firms from around the world,” the report states. “Targeting by Black Cube on behalf of its clients was also widespread geographically and across the board, including the medical, mining, minerals and energy sectors. It also included NGOs from Africa, Eastern Europe and South America. as well as Palestinian activists. “ has contacted Black Cube, but has not received a response. On its website the company states that “it always acts legally in each jurisdiction.” “We never use intimidation, blackmail or hacking to obtain information,” he adds.

The other companies indicated by the social network are Cobwebs Technologies (USA), Cognyte (Israel), Bluehawk CI (Israel), BellTroX (India), Cytrox (North Macedonia) and an entity that acted from China that it has not been able to identify. Together they have attacked 50,000 people around the world, as detected by Facebook.

Each of these companies engaged in one, two, or all three phases of what Facebook calls a “chain of surveillance,” a circle of espionage activities targeting and targeting victims. He calls them recognition, Contact Y exploitation. “Each phase informs the next and they often repeat in cycles,” he reports. The fake Black Cube accounts have been caught performing in all three stages.

The phase of recognition It is the first to go live and also the most difficult to detect, the report explains. It unfolds in silence. Data collection software is used that combs the Internet for sources of information about the target, be it on social media, media or forums. Fake accounts are also used to check your likes and friend lists. The two tools can be used by cyber spies or made available to their customers, sums up Facebook.

The objective of the phase Contact is to generate trust in the victims from the data of the recognition. “To do this, mercenaries often resort to social engineering tactics and use fictitious identities to contact these people through email, calls or direct messages on social networks,” the report details. These profiles are created in detail in order to establish a relationship with the target.

Contacts can be very long. Cyber ​​espionage agencies often create an activity trail of these fake identities on the Internet, such as profiles on other networks or blog posts, so that they can withstand scrutiny by the victim. Everything so that when the hook is thrown at him, trying to extract the information they are looking for or a spy virus is downloaded, he falls.

There begins the phase of exploitation. The hack can pursue the target’s sensitive passwords, financial information, or directly compromise their devices with those surveillance programs, which may be designed by the spy company itself or purchased from third parties. Pegasus, for example, can carry out a total surveillance of the phone or computer in which it is implanted, accessing the location, applications, photos, videos, messages, open sessions in it, contacts or keystrokes on the keyboard. It also allows you to remotely activate the camera, microphone or GPS at will.

The Facebook report concludes by recalling that “these cybermercenaries rarely faced the consequences when their products are used to attack vulnerable actors such as activists, journalists and minority groups, causing serious damage.” The corporation calls for the collaboration of the digital industry and governments to change this.

Facebook, which has been involved in multiple scandals due to its privacy practices and neglect with the toxic consequences that the use of its networks has on users, also requests that “ethical guidelines” be drawn up for cyber espionage companies. In this case, it should be noted that civil society organizations such as the Electronic Frontier Foundation (EFF) or the Citizen Lab of the University of Toronto, as well as other digital giants such as Microsoft or Apple coincide with Mark Zuckerberg’s company.


Related articles

The importance of official language certificates in the academic and professional career

The current offer of language certificates is the result of globalization and the need to establish common standards to evaluate...

Google Chrome will offer writing suggestions with the help of Gemini AI

MADRID, Feb. 23 (Portaltic/EP) - The Chrome browser will make writing suggestions to the user, a feature powered...